Patch for CVE-2023-46218 and CVE-2023-23916 - v2

microsoft · Nov 15, 2024 · 584a6f7 · 584a6f7
1 parent 8929bb1
commit 584a6f7
Showing 1 changed file with 14 additions and 4 deletions.
diff --git a/SPECS/cmake/CVE-2023-23916.patch b/SPECS/cmake/CVE-2023-23916.patch
@@ -6,15 +6,25 @@ Subject: [PATCH] Patch for CVE-2023-23916
 Upstream patch: https://github.com/curl/curl/commit/119fb187192a9ea13dc
 
 ---
- Utilities/cmcurl/lib/content_encoding.c | 5 +++++
+ Utilities/cmcurl/lib/content_encoding.c | 8 ++++++++
  Utilities/cmcurl/lib/urldata.h          | 1 +
- 2 files changed, 6 insertions(+)
+ 2 files changed, 9 insertions(+)
 
 diff --git a/Utilities/cmcurl/lib/content_encoding.c b/Utilities/cmcurl/lib/content_encoding.c
-index a84ff543b9..c3136a456e 100644
+index a84ff543b9..c870df2dd4 100644
 --- a/Utilities/cmcurl/lib/content_encoding.c
 +++ b/Utilities/cmcurl/lib/content_encoding.c
-@@ -1065,6 +1065,11 @@ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data,
+@@ -1025,6 +1025,9 @@ static const struct content_encoding *find_encoding(const char *name,
+   return NULL;
+ }
+
++/* allow no more than 5 "chained" compression steps */
++#define MAX_ENCODE_STACK 5
++
+ /* Set-up the unencoding stack from the Content-Encoding header value.
+  * See RFC 7231 section 3.1.2.2. */
+ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data,
+@@ -1065,6 +1068,11 @@ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data,
        if(!encoding)
          encoding = &error_encoding;  /* Defer error at stack use. */